﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using DTO;
using System.Data;
using System.Data.SqlClient;
using System.Data.Common;

namespace DAO
{
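    /// <summary>
    /// Data-access object for login: reads a user's account row (joined with the
    /// permission table) and changes a user's password through the
    /// <c>Updatepass_Proc</c> stored procedure.
    /// </summary>
    public class DangNhapDAO
    {
        Database db;
        SqlConnection sql;

        /// <summary>
        /// Creates the DAO and takes the connection handed out by <see cref="Database"/>.
        /// </summary>
        public DangNhapDAO()
        {
            db = new Database();
            sql = db.getConnection();
        }

        /// <summary>
        /// Loads the account row whose USERNAME equals <paramref name="username"/>.
        /// </summary>
        /// <param name="username">
        /// Login name to look up. It is sent as a bound parameter and never spliced into
        /// the SQL text. <c>null</c> is treated as the empty string.
        /// </param>
        /// <returns>
        /// A new <see cref="DangNhapDTO"/> filled from the first matching row, or one whose
        /// five fields are all empty strings when no row matches.
        /// </returns>
        public DangNhapDTO LayThongTinUser(string username)
        {
            // The user name is untrusted input (it comes from the login form, presumably),
            // so it is bound as @username instead of being concatenated into the statement.
            const string query = "SELECT USERNAME,HOTEN,PASSWORD,a.MAQUYEN,TENQUYEN FROM USERS a,PHANQUYEN b WHERE a.MAQUYEN=b.MAQUYEN AND USERNAME = @username";

            DataTable table = new DataTable();

            // The command runs on the connection obtained from Database.getConnection();
            // the string-only db.Execute(sql) call used before gives no way to pass parameters.
            using (SqlCommand lookup = new SqlCommand(query, sql))
            using (SqlDataAdapter adapter = new SqlDataAdapter(lookup))
            {
                // No explicit size: the parameter takes the length of the value, so an
                // over-long name is compared in full rather than truncated to a prefix.
                SqlParameter userParam = new SqlParameter("@username", SqlDbType.NVarChar);
                userParam.Value = username ?? string.Empty;
                lookup.Parameters.Add(userParam);

                // Fill opens the connection if it is closed and closes it again afterwards.
                adapter.Fill(table);
            }

            // A fresh DTO per call: a shared instance would be overwritten by the next
            // lookup while an earlier caller may still be holding it.
            DangNhapDTO result = new DangNhapDTO();
            if (table.Rows.Count > 0)
            {
                DataRow rowUser = table.Rows[0];
                result.Username = rowUser["USERNAME"].ToString();
                // NOTE(review): the stored PASSWORD value is handed to the caller as-is; the
                // comparison with the entered password is not in this file. Confirm that the
                // column holds a salted password hash rather than the password itself.
                result.Password = rowUser["PASSWORD"].ToString();
                result.Hoten = rowUser["HOTEN"].ToString();
                result.Maquyen = rowUser["MAQUYEN"].ToString();
                result.Tenquyen = rowUser["TENQUYEN"].ToString();
            }
            else
            {
                result.Username = "";
                result.Password = "";
                result.Hoten = "";
                result.Maquyen = "";
                result.Tenquyen = "";
            }
            return result;
        }

        /// <summary>
        /// Changes a user's password by calling the <c>Updatepass_Proc</c> stored procedure
        /// with <c>@username</c> and <c>@pass</c>.
        /// </summary>
        /// <param name="dnDTO">Carries the user name and the new password value.</param>
        /// <exception cref="ArgumentNullException"><paramref name="dnDTO"/> is null.</exception>
        public void doipass(DangNhapDTO dnDTO)
        {
            if (dnDTO == null)
            {
                throw new ArgumentNullException("dnDTO");
            }

            using (SqlCommand updatecmd = new SqlCommand("Updatepass_Proc", sql))
            {
                updatecmd.CommandType = CommandType.StoredProcedure;

                SqlParameter paruser = new SqlParameter("@username", SqlDbType.NVarChar, 25);
                // NOTE(review): with an explicit size of 10, ADO.NET truncates a longer value
                // without any error, so a longer password would be stored cut short. A salted
                // hash also does not fit in 10 characters, which suggests the password is
                // stored unhashed. Confirm against Updatepass_Proc and the USERS schema.
                SqlParameter parpass = new SqlParameter("@pass", SqlDbType.NVarChar, 10);

                paruser.Value = dnDTO.Username;
                parpass.Value = dnDTO.Password;

                updatecmd.Parameters.Add(paruser);
                updatecmd.Parameters.Add(parpass);

                sql.Open();
                try
                {
                    updatecmd.ExecuteNonQuery();
                }
                finally
                {
                    // Close even when the procedure call throws, so the connection is not
                    // left open and the next Open() on it does not fail.
                    sql.Close();
                }
            }
        }
    }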
}
